WASHINGTON (AP) – The FBI director told lawmakers on Thursday the office was discouraging ransomware payments to hacking groups even as large companies participated in multi-million dollar deals over the past month aimed at remitting their online systems.
“It is our policy, it is our directive, of the FBI, that companies should not pay the ransom for a number of reasons,” Christopher Wray said during questioning by members of the Judicial Committee of the Bedroom.
Besides the fact that such payments can encourage additional cyber attacks, victims may not automatically recover their data despite millions of dollars, “and it is not unheard of,” Wray said.
In ransomware attacks, hackers block and encrypt a victim’s data and demand payment in order to return it. They have multiplied over the past year, targeting not only hospitals and police departments, but also critical infrastructure and vital industries. Some large recent target companies have responded by paying the ransom, fearing that a prolonged shutdown of their businesses could have catastrophic consequences for the country and disrupt crucial supply chains.
Colonial Pipeline, which carries around 45% of the fuel consumed on the east coast, last month paid a ransom of 75 bitcoins – then valued at around $ 4.4 million – in hopes of bringing its system back online.
On Wednesday, JBS SA, the world’s largest meat processing company, revealed that it had paid the equivalent of $ 11 million to hackers who broke into its computer system last month.
Colonial Pipeline CEO Joseph Blount told lawmakers this week that the decision to pay the ransom was the most difficult choice of his career but ultimately the right thing to do, especially given the gas shortages that made it surface within days in parts of the United States. He said that although the key given to the company to decrypt its data was not working perfectly, Colonial resumed operations after a brief hiatus.
The Justice Department said it was able to recover the majority of the payment for the ransomware after locating the virtual wallet used by the hackers. Wray said that in addition to helping businesses in this way, the FBI has also in some cases been able to obtain the hackers’ encryption keys and unlock the data entered without any payment. be carried out.
“There is a whole bunch of things we can do to stop this activity from happening, whether they pay the ransom or not, if they communicate, coordinate and work closely with law enforcement as soon as possible. the start, ”he said. “This is I think the most important part.”
Calling all HuffPost superfans!
Sign up to become a founding member and help shape the next chapter of HuffPost